Re: [MarkLogic Dev General] Accessing WebDav as Non Admin User
Once they are created, you have to update each one like your query does. When you initially create these, you can have it put the proper permissions on either via explicitly setting the permissions when you create the documents/directories, or by setting default permissions. That is usually an easy way to do it. For example, let's say you have a role called "content-creator". If you give content-creator default permissions for ("AHD-Access-Role", "read") and ("content-creator", "update") and ("content-creator", "insert"), then all scripts run by someone who has the roe "content-creator" (if they do not explicitly set permissions) will get these 3 sets of permissions. -Danny -Original Message- From: general-boun...@developer.marklogic.com [mailto:general-boun...@developer.marklogic.com] On Behalf Of Khan, Kashif Sent: Tuesday, April 02, 2013 2:08 PM To: MarkLogic Developer Discussion Subject: Re: [MarkLogic Dev General] Accessing WebDav as Non Admin User Thanks Worked like a charm. Thanks Danny. One more thing that I wanted to ask was how can I apply permissions to all the directories and files inside a parent directory in one go. Right now I am applying permissions to all the files using script 1 and then applying the permission on directory one by one by using script 2. I appreciate your help Script 1 == for $x in xdmp:directory("/app/", "infinity") (: with infinity option it takes too much time to execute this script :) return xdmp:document-add-permissions( fn:document-uri($x), (xdmp:permission("AHD-Access-Role","read"))) Script 2 == xdmp:document-add-permissions( "/app/", (xdmp:permission("AHD-Access-Role","read"))) Kashif Khan, PMI-ACP On 4/2/13 4:48 PM, "Danny Sokolsky" wrote: >You may also need to add that permission to the directory. Something >like: > >xdmp:document-add-permissions( >"/app/", >(xdmp:permission("AHD-Access-Role","read"))) > >-Original Message- >From: general-boun...@developer.marklogic.com >[mailto:general-boun...@developer.marklogic.com] On Behalf Of Khan, >Kashif >Sent: Tuesday, April 02, 2013 1:07 PM >To: MarkLogic Developer Discussion >Subject: [MarkLogic Dev General] Accessing WebDav as Non Admin User > >Hello Everyone, I ran the following Query and changed the permission on >the documents in side the app directory. I can see that the changes >have been made but I can not access the directory "app" with WebDav >using the user that is part of the AHD-Access-Role. Any help will be >appreciated. > >for $x in xdmp:directory("/app/", "1") >return >xdmp:document-add-permissions( >fn:document-uri($x), >(xdmp:permission("AHD-Access-Role","read"))) > > > >Note: I followed the instructions suggested in the following discussion >thread: >http://www.mail-archive.com/general@developer.marklogic.com/msg07029.ht >ml > > >Kashif Khan, PMI-ACP > > > > > >On 4/1/13 5:17 PM, "Michael Blakeley" wrote: > >>Take a look at the function signature at >>http://docs.marklogic.com/xdmp:document-set-permissions >> >>xdmp:document-set-permissions( >> $uri as xs:string, >> $permissions as element(sec:permission)* >>) as empty-sequence() >> >>You're supplying an arg2 as xs:string+, when it has to be >>element(sec:permission)*. Use >>http://docs.marklogic.com/xdmp:permission >>to construct a permission element, as in the docs example: >> >>xdmp:document-set-permissions( >>"/example.xml", >>(xdmp:permission("development", "update"), >> xdmp:permission("qa", "read"))) >> >>-- Mike >> >>On 1 Apr 2013, at 13:58 , "Khan, Kashif" wrote: >> >>> I am running the following query to give "Access-Role" read >>>permission but I get the error "[1.0-ml] XDMP-NOTANODE: >>>(err:XPTY0019) xdmp:document-set-permissions(fn:document-uri($x), >>>("Access-Role","read")) >>> -- "AHD-Access-Role" is not a node" >>> >>> for $x in xdmp:directory("/app/", "1") return >>>xdmp:document-set-permissions(fn:document-uri($x), >>>("Access-Role","read")) >>> >>> >>> Any help in understanding this issue will be greatly appreciated. >>> >>> >>> Kashif Khan >>> >>> >&g
Re: [MarkLogic Dev General] Accessing WebDav as Non Admin User
Thanks Worked like a charm. Thanks Danny. One more thing that I wanted to ask was how can I apply permissions to all the directories and files inside a parent directory in one go. Right now I am applying permissions to all the files using script 1 and then applying the permission on directory one by one by using script 2. I appreciate your help Script 1 == for $x in xdmp:directory("/app/", "infinity") (: with infinity option it takes too much time to execute this script :) return xdmp:document-add-permissions( fn:document-uri($x), (xdmp:permission("AHD-Access-Role","read"))) Script 2 == xdmp:document-add-permissions( "/app/", (xdmp:permission("AHD-Access-Role","read"))) Kashif Khan, PMI-ACP On 4/2/13 4:48 PM, "Danny Sokolsky" wrote: >You may also need to add that permission to the directory. Something >like: > >xdmp:document-add-permissions( >"/app/", >(xdmp:permission("AHD-Access-Role","read"))) > >-Original Message- >From: general-boun...@developer.marklogic.com >[mailto:general-boun...@developer.marklogic.com] On Behalf Of Khan, Kashif >Sent: Tuesday, April 02, 2013 1:07 PM >To: MarkLogic Developer Discussion >Subject: [MarkLogic Dev General] Accessing WebDav as Non Admin User > >Hello Everyone, I ran the following Query and changed the permission on >the documents in side the app directory. I can see that the changes have >been made but I can not access the directory "app" with WebDav using the >user that is part of the AHD-Access-Role. Any help will be appreciated. > >for $x in xdmp:directory("/app/", "1") >return >xdmp:document-add-permissions( >fn:document-uri($x), >(xdmp:permission("AHD-Access-Role","read"))) > > > >Note: I followed the instructions suggested in the following discussion >thread: >http://www.mail-archive.com/general@developer.marklogic.com/msg07029.html > > >Kashif Khan, PMI-ACP > > > > > >On 4/1/13 5:17 PM, "Michael Blakeley" wrote: > >>Take a look at the function signature at >>http://docs.marklogic.com/xdmp:document-set-permissions >> >>xdmp:document-set-permissions( >> $uri as xs:string, >> $permissions as element(sec:permission)* >>) as empty-sequence() >> >>You're supplying an arg2 as xs:string+, when it has to be >>element(sec:permission)*. Use http://docs.marklogic.com/xdmp:permission >>to construct a permission element, as in the docs example: >> >>xdmp:document-set-permissions( >>"/example.xml", >>(xdmp:permission("development", "update"), >> xdmp:permission("qa", "read"))) >> >>-- Mike >> >>On 1 Apr 2013, at 13:58 , "Khan, Kashif" wrote: >> >>> I am running the following query to give "Access-Role" read >>>permission but I get the error "[1.0-ml] XDMP-NOTANODE: >>>(err:XPTY0019) xdmp:document-set-permissions(fn:document-uri($x), >>>("Access-Role","read")) >>> -- "AHD-Access-Role" is not a node" >>> >>> for $x in xdmp:directory("/app/", "1") return >>>xdmp:document-set-permissions(fn:document-uri($x), >>>("Access-Role","read")) >>> >>> >>> Any help in understanding this issue will be greatly appreciated. >>> >>> >>> Kashif Khan >>> >>> >>> ___ >>> General mailing list >>> General@developer.marklogic.com >>> http://developer.marklogic.com/mailman/listinfo/general >>> >> >>___ >>General mailing list >>General@developer.marklogic.com >>http://developer.marklogic.com/mailman/listinfo/general >> > >___ >General mailing list >General@developer.marklogic.com >http://developer.marklogic.com/mailman/listinfo/general >___ >General mailing list >General@developer.marklogic.com >http://developer.marklogic.com/mailman/listinfo/general ___ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general
Re: [MarkLogic Dev General] Accessing WebDav as Non Admin User
You may also need to add that permission to the directory. Something like: xdmp:document-add-permissions( "/app/", (xdmp:permission("AHD-Access-Role","read"))) -Original Message- From: general-boun...@developer.marklogic.com [mailto:general-boun...@developer.marklogic.com] On Behalf Of Khan, Kashif Sent: Tuesday, April 02, 2013 1:07 PM To: MarkLogic Developer Discussion Subject: [MarkLogic Dev General] Accessing WebDav as Non Admin User Hello Everyone, I ran the following Query and changed the permission on the documents in side the app directory. I can see that the changes have been made but I can not access the directory "app" with WebDav using the user that is part of the AHD-Access-Role. Any help will be appreciated. for $x in xdmp:directory("/app/", "1") return xdmp:document-add-permissions( fn:document-uri($x), (xdmp:permission("AHD-Access-Role","read"))) Note: I followed the instructions suggested in the following discussion thread: http://www.mail-archive.com/general@developer.marklogic.com/msg07029.html Kashif Khan, PMI-ACP On 4/1/13 5:17 PM, "Michael Blakeley" wrote: >Take a look at the function signature at >http://docs.marklogic.com/xdmp:document-set-permissions > >xdmp:document-set-permissions( > $uri as xs:string, > $permissions as element(sec:permission)* >) as empty-sequence() > >You're supplying an arg2 as xs:string+, when it has to be >element(sec:permission)*. Use http://docs.marklogic.com/xdmp:permission >to construct a permission element, as in the docs example: > >xdmp:document-set-permissions( >"/example.xml", >(xdmp:permission("development", "update"), > xdmp:permission("qa", "read"))) > >-- Mike > >On 1 Apr 2013, at 13:58 , "Khan, Kashif" wrote: > >> I am running the following query to give "Access-Role" read >>permission but I get the error "[1.0-ml] XDMP-NOTANODE: >>(err:XPTY0019) xdmp:document-set-permissions(fn:document-uri($x), >>("Access-Role","read")) >> -- "AHD-Access-Role" is not a node" >> >> for $x in xdmp:directory("/app/", "1") return >>xdmp:document-set-permissions(fn:document-uri($x), >>("Access-Role","read")) >> >> >> Any help in understanding this issue will be greatly appreciated. >> >> >> Kashif Khan >> >> >> ___ >> General mailing list >> General@developer.marklogic.com >> http://developer.marklogic.com/mailman/listinfo/general >> > >___ >General mailing list >General@developer.marklogic.com >http://developer.marklogic.com/mailman/listinfo/general > ___ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general ___ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general
[MarkLogic Dev General] Accessing WebDav as Non Admin User
Hello Everyone, I ran the following Query and changed the permission on the documents in side the app directory. I can see that the changes have been made but I can not access the directory "app" with WebDav using the user that is part of the AHD-Access-Role. Any help will be appreciated. for $x in xdmp:directory("/app/", "1") return xdmp:document-add-permissions( fn:document-uri($x), (xdmp:permission("AHD-Access-Role","read"))) Note: I followed the instructions suggested in the following discussion thread: http://www.mail-archive.com/general@developer.marklogic.com/msg07029.html Kashif Khan, PMI-ACP On 4/1/13 5:17 PM, "Michael Blakeley" wrote: >Take a look at the function signature at >http://docs.marklogic.com/xdmp:document-set-permissions > >xdmp:document-set-permissions( > $uri as xs:string, > $permissions as element(sec:permission)* >) as empty-sequence() > >You're supplying an arg2 as xs:string+, when it has to be >element(sec:permission)*. Use http://docs.marklogic.com/xdmp:permission >to construct a permission element, as in the docs example: > >xdmp:document-set-permissions( >"/example.xml", >(xdmp:permission("development", "update"), > xdmp:permission("qa", "read"))) > >-- Mike > >On 1 Apr 2013, at 13:58 , "Khan, Kashif" wrote: > >> I am running the following query to give "Access-Role" read permission >>but >> I get the error "[1.0-ml] XDMP-NOTANODE: (err:XPTY0019) >> xdmp:document-set-permissions(fn:document-uri($x), >>("Access-Role","read")) >> -- "AHD-Access-Role" is not a node" >> >> for $x in xdmp:directory("/app/", "1") >> return >> xdmp:document-set-permissions(fn:document-uri($x), >>("Access-Role","read")) >> >> >> Any help in understanding this issue will be greatly appreciated. >> >> >> Kashif Khan >> >> >> ___ >> General mailing list >> General@developer.marklogic.com >> http://developer.marklogic.com/mailman/listinfo/general >> > >___ >General mailing list >General@developer.marklogic.com >http://developer.marklogic.com/mailman/listinfo/general > ___ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general